Tuesday, January 25, 2011

OPC SCADA Viewer Vulnerability

Yesterday the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) published an advisory for a buffer overflow vulnerability identified in the AGG Software OPC SCADA Viewer Software. The vulnerability could allow arbitrary code application by an attacker with moderate skill levels and physical access to a local machine. No publicly available exploit has been seen.

AGG Software does have a patch available and a newer version {1.5.2(Build 110)} without the vulnerability is also available. ICS-CERT reminds users not to open configuration files from untrusted sources.

No comments:

/* Use this with templates/template-twocol.html */